[patch 15/49] JFFS2: fix race condition in jffs2_lzo_compress()

From: Greg KH
Date: Tue Nov 11 2008 - 19:31:44 EST

Next message: Greg KH: "[patch 16/49] JFFS2: Fix lack of locking in thread_should_wake()"
Previous message: Greg KH: "[patch 14/49] md: fix bug in raid10 recovery."
In reply to: Greg KH: "[patch 14/49] md: fix bug in raid10 recovery."
Next in thread: Greg KH: "[patch 16/49] JFFS2: Fix lack of locking in thread_should_wake()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.27-stable review patch. If anyone has any objections, please let us know.

------------------

From: Geert Uytterhoeven <Geert.Uytterhoeven@xxxxxxxxxxx>

commit dc8a0843a435b2c0891e7eaea64faaf1ebec9b11 upstream

deflate_mutex protects the globals lzo_mem and lzo_compress_buf. However,
jffs2_lzo_compress() unlocks deflate_mutex _before_ it has copied out the
compressed data from lzo_compress_buf. Correct this by moving the mutex
unlock after the copy.

In addition, document what deflate_mutex actually protects.

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@xxxxxxxxxxx>
Acked-by: Richard Purdie <rpurdie@xxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: David Woodhouse <David.Woodhouse@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
fs/jffs2/compr_lzo.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)

--- a/fs/jffs2/compr_lzo.c
+++ b/fs/jffs2/compr_lzo.c
@@ -19,7 +19,7 @@

static void *lzo_mem;
static void *lzo_compress_buf;
-static DEFINE_MUTEX(deflate_mutex);
+static DEFINE_MUTEX(deflate_mutex); /* for lzo_mem and lzo_compress_buf */

static void free_workspace(void)
{
@@ -49,18 +49,21 @@ static int jffs2_lzo_compress(unsigned c

mutex_lock(&deflate_mutex);
ret = lzo1x_1_compress(data_in, *sourcelen, lzo_compress_buf, &compress_size, lzo_mem);
- mutex_unlock(&deflate_mutex);
-
if (ret != LZO_E_OK)
- return -1;
+ goto fail;

if (compress_size > *dstlen)
- return -1;
+ goto fail;

memcpy(cpage_out, lzo_compress_buf, compress_size);
- *dstlen = compress_size;
+ mutex_unlock(&deflate_mutex);

+ *dstlen = compress_size;
return 0;
+
+ fail:
+ mutex_unlock(&deflate_mutex);
+ return -1;
}

static int jffs2_lzo_decompress(unsigned char *data_in, unsigned char *cpage_out,

--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[patch 16/49] JFFS2: Fix lack of locking in thread_should_wake()"
Previous message: Greg KH: "[patch 14/49] md: fix bug in raid10 recovery."
In reply to: Greg KH: "[patch 14/49] md: fix bug in raid10 recovery."
Next in thread: Greg KH: "[patch 16/49] JFFS2: Fix lack of locking in thread_should_wake()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]